Timeliness and Security in Real-Time Data Services


1 Timeliness and Security in Real-Time Data Services
Sang Hyuk Son Department of Computer Science University of Virginia Charlottesville, Virginia 22903

2 Outline Introduction to real-time systems
Trends in real-time system applications Key research issues Real-time and secure data services QoS management Flexible security Summary

3 Real-Time Systems A system whose basic specification and design correctness arguments must include its ability to meet its timing constraints. Its correctness depends not only on the logical correctness, but also on the timeliness of its actions.

4 [Diagram: Real World and Real-Time System, connected by Input and Output]
Input: current state (view) update; tasks to be performed by real-time systems
Output: actions to change real world situation; information to be retrieved to support decision-making

5 Real-Time Systems Real-time systems timeliness and predictability
typically embedded in a large complex system dependability (reliability) is crucial explicit timing constraints (soft, firm, hard) A large number of applications aerospace and defense systems, nuclear systems, robotics, process control, agile manufacturing, stock exchange, network and traffic management, multimedia computing, and medical systems Rapid growth in research and development workshops, symposia, journals standards (POSIX, RT-SQL, RT-CORBA, RT-Java, etc)

6 Time Constraints
[Figure: two plots of v(t) against t; the first is labeled with v0 and d, the second with v0, d1 and d2]

7 Trends in Real-Time Systems Applications
Soft real-time requirements rather than hard ones much wider applications relates well with the notion of QoS soft is harder to deal with than hard ones Operate in unpredictable environments WCET too pessimistic or high variance in execution time unbounded arrival rate; overload unavoidable Need to support multi-dimensional requirements real-time, power, size, cost, security, and fault-tolerance conflicting resource requirements and system architecture Embedded and component-based

8 Example Application arrival rate? resource requirement? delay? congested? Resources? Service delay? Throughput? Differentiation? User population? Processing power? Performance-critical applications in unpredictable environments open systems on the Internet: e-business servers, web hosting data-driven systems: real-time databases, smart spaces

9 Sensor Networks: Swarm Computing
Resource management, team formation, real-time, mobility, power, security Smart Dust Heterogeneous Sensors/Actuators/processors battlefield awareness earthquake response tracking movements of animals smart paint MEMS in human bloodstream

10 Smart Spaces Pervasive Global connectivity Smart School
Smart Classroom Smart City Smart Factory

11 Key Research Issues How to support aggregated properties (control them) theory and practice of feedback control middleware architecture for large-scale distributed systems How to manage real-time data timeliness and data freshness flexible security How to support multidimensional requirements system composition via components reflection-based approaches

12 Data Services for Real-Time Systems
Critical in real-time systems real-time computing needs to access data: real-world applications involve time constrained access to data that may have temporal property traditional real-time systems manage data in application-dependent structures as systems evolve, more complex applications require efficient access to more data Function of real-time data services gathering data from the environment, processing it in the context of information acquired in the past, for providing timely and temporally consistent responses

13 Real-Time Data Services: Examples
They are used to monitor and control real-world activities Networking and telecommunication systems routers and network management systems switching systems Control systems automatic tracking and object positioning Real-time streaming from sensors and video servers E-commerce Web-based data services

14 Something to Remember ...
Real-time ≠ FAST
Real-time ≠ nanosecs or secs
Real-time means explicit or implicit time constraints
A high-performance database which is simply fast, without the capability of specifying and enforcing time constraints, is not appropriate for real-time applications

15 Time Constraints on Data
Where do they come from? state of the world as perceived by the controlling system must be consistent with the actual state Requirements timely monitoring of the environment timely processing of sensed information timely derivation of needed data Temporal consistency of data absolute consistency: freshness of data between actual state and its representation relative consistency: correlation among data accessed by a transaction

16 Static Data and Temporal Data
data in a typical database values not becoming obsolete as time passes logical consistency is the key consideration Temporal data arrive from continuously changing environment represent the state at the time of sensing has observed time and validity interval users of temporal data need to see temporally coherent views of the data (state of the world) When must the data be temporally valid? ideally, at all times in practice, only when they are used by transactions

17 An Example
Data object is specified by (value, absolute validity interval, time-stamp)
Interested in {temperature and pressure} with relative validity interval of 5
Let current time = 100
temperature = (347, 10, 95) and pressure = (50, 20, 98) -- temporally consistent
temperature = (347, 10, 98) and pressure = (50, 20, 91) -- temporally inconsistent
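
The check behind this slide, generalized to any number of data objects, as an added example that is not code from the presentation or from BeeHive. The names `TemporalData` and `check_read_set` are hypothetical, and `CASE_C` is a constructed sample showing an absolute-consistency failure that the slide does not include.

```python
from dataclasses import dataclass
from itertools import combinations

@dataclass(frozen=True)
class TemporalData:
    name: str
    value: float
    avi: int        # absolute validity interval
    timestamp: int  # time at which the value was sensed

def absolutely_consistent(d, now):
    """Fresh: the validity interval still covers the current time."""
    return d.timestamp <= now <= d.timestamp + d.avi

def check_read_set(items, now, rvi):
    """Return (ok, reasons) for the data a transaction is about to use.

    ok is True only if every item is fresh (absolute consistency) and every
    pair was sensed within rvi of each other (relative consistency).
    """
    reasons = [f"{d.name} stale since {d.timestamp + d.avi}"
               for d in items if not absolutely_consistent(d, now)]
    for a, b in combinations(items, 2):
        gap = abs(a.timestamp - b.timestamp)
        if gap > rvi:
            reasons.append(f"{a.name}/{b.name} sensed {gap} apart (> {rvi})")
    return (not reasons, reasons)

NOW, RVI = 100, 5  # values from the slide

# The two cases from the slide.
CASE_A = [TemporalData("temperature", 347, 10, 95),
          TemporalData("pressure", 50, 20, 98)]
CASE_B = [TemporalData("temperature", 347, 10, 98),
          TemporalData("pressure", 50, 20, 91)]
# Constructed case: timestamps are close together, but temperature has expired.
CASE_C = [TemporalData("temperature", 347, 10, 88),
          TemporalData("pressure", 50, 20, 91)]

if __name__ == "__main__":
    for label, case in (("A", CASE_A), ("B", CASE_B), ("C", CASE_C)):
        print(label, check_read_set(case, NOW, RVI))
```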

18 BeeHive Project Global real-time database system
object-based with added object semantics support in RT, FT, QoS, and Security different types of data: video, audio, images and text sensors and actuators Novel component technology data deadline, forced delay, conditional priority inheritance real-time logging and recovery flexible security QoS management based on feedback control Cogency Monitor

19 Current Research Activities in BeeHive
BeeHive Front End Java Simulation Cogency Monitor Basic BeeHive Storage Manager Expand DB Database QoS Control Admission Control RTDB Internals Security

20 QoS Management in RT Data Services
Motivation increasing demands for real-time data services web-based information services sensor networks decision support systems temporary overload and service degradation inevitable Service quality: QoS parameters timeliness data freshness behavior in transient state

21 Objectives and Approaches
Soft guarantees for timeliness and data freshness Approaches feedback control controller design and parameter tuning admission control adaptive update policy conflict between timeliness & freshness dynamic balancing between updates and transactions differentiated services absolute/relative miss ratios

22 Performance Metrics Transaction types sensor updates
periodic updates to reflect the current status application transactions Major performance metrics data freshness deadline miss ratio behavior in transient state: overshoot and settling time

23 RTDB Services
[Diagram: qRTDB. Labels: update streams S1, S2, ..., Sn; deadline; freshness; base (sensor) data set; admission control; user transactions; derived data set; static data set; scheduling/CC]

24 Data Freshness
Database freshness: set of continuous data
Perceived freshness: set of continuous data accessed by timely transactions

25 Timeliness Specification
[Figure: miss ratio (%) over time. Labels: reference, overshoot, steady state error, settling time, transient state, steady state]

26 QMF Architecture

27 Feedback Control Architecture
[Diagram: feedback control loop. Labels: submitted transactions, updates, admission controller, accepted transactions, EDF scheduler, RTDB, completed transactions, MR(t), FR(t), MRs, FRs, PID controller, U, U', QoS manager (actuator), FCS]

28 Real-Time Secure Data Management
Characteristics transactions with timing constraints data with temporal properties distributed multimedia data mixture of sensitive and unclassified data Requirements timeliness and predictability temporal consistency synchronization of multimedia data security enforcement high performance

29 Real-Time Secure Data Management
Issues integrate support of different types of requirements predictability yet flexible execution conflicts between real-time and security storage, retrieval, and synchronization of distributed data real-time management resources high performance yet fault-tolerant trade-offs scalability of solutions

30 Security and Real-Time
For timeliness, no priority inversion in real-time applications
tasks with earlier deadline or higher criticality have higher priority for better service
In secure systems, no security violation is allowed
Incompatible under the binary notion of absolute security
priority inversion vs security violation
Higher security services require more resources

31 Example of the Problem
[Diagram: two transactions access one resource; one is labeled high priority and high security, the other low priority and low security]
Both require lock on the resource
How to resolve this conflict?
if lock is given to T1, security violation
if lock is given to T2, priority inversion

32 Requirement for Real-Time Secure DBS
Supporting both requirements of real-time and security for real-time databases: How to provide acceptably high security while remaining available and providing timely services?

33 Research Issues Flexible security vs absolute security
paradigm for flexible security services identifying correct metrics for security level Adaptive security policies Mechanisms to enforce required level of security and trading-off with other requirements: access control, authentication, encryption, .. time-cognizant protocols, data deadlines, ... replication, primary-backup, ... Specification to express desired system behavior verification of consistency/completeness of specification

34 Flexible Security Services
Flexible vs absolute (binary) security
traditional notion of security is binary: secure or not
problem of binary notion of security: difficult to provide acceptable level of security to satisfy other conflicting requirements
research issue: quantitative flexible security levels
One approach
represent in terms of % of potential security violations
problem: not precise --- percentage alone reveals nothing about implications on system security
e.g., 1% violation may leak most sensitive data out

35 Flexible Security for Access Control
Possible approaches to provide flexible security
control potential violations between certain security levels
even if it allows potential security violations, it does not completely compromise the security of the system
use different algorithms in an adaptive manner
A possible configuration
[Figure: four columns labeled A, B, C and D, each listing the levels Top secret, Secret, Confidential and Unclassified]

36 Flexible Security Policies (5 levels)
Completely secure: no violations allowed
Secure levels 2, 3 & 4: high 3 levels kept completely secure
Secure levels 3 & 4: high 2 levels kept completely secure
Split security: violations allowed between top 2 levels, and among low 3 levels
Secure level 4: highest level kept completely secure
No security: violations can occur between any levels
Gradual security: control the number of violations between each level

37 Performance Study
Significant improvement in real-time performance as more potential covert channels allowed:
completely secure (6.5%) vs no security (3.3%) for 500 data items
completely secure (5%) vs no security (1%) for 1000 data items
Trade-off capacities of security policies are strictly ordered: from completely secure through multiple secure levels to no security
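
The lock conflict of slide 31 resolved under the policies of slide 36, as an added example that is not code from the presentation or from BeeHive. It assumes that each policy can be modelled as a partition of levels 0 to 4 in which a violation is tolerated only inside one group, that T1 is the high-priority, high-security transaction, and that a violation means a higher-level transaction delaying a lower-level one; `Txn`, `resolve_lock` and `tolerated_pairs` are hypothetical names, and gradual security is not modelled.

```python
from dataclasses import dataclass
from itertools import combinations

# Assumed model: a policy partitions levels 0..4 into groups; a potential
# violation (covert channel) is tolerated only between levels in one group.
POLICIES = {
    "completely secure":      [{0}, {1}, {2}, {3}, {4}],
    "secure levels 2, 3 & 4": [{0, 1}, {2}, {3}, {4}],
    "secure levels 3 & 4":    [{0, 1, 2}, {3}, {4}],
    "split security":         [{0, 1, 2}, {3, 4}],
    "secure level 4":         [{0, 1, 2, 3}, {4}],
    "no security":            [{0, 1, 2, 3, 4}],
}

@dataclass(frozen=True)
class Txn:
    name: str
    priority: int   # larger = more urgent
    level: int      # 0 = lowest classification, 4 = highest

def violation_tolerated(policy, a, b):
    """True if the policy accepts a potential violation between levels a, b."""
    return any(a in group and b in group for group in POLICIES[policy])

def resolve_lock(policy, t1, t2):
    """Return (winner name, cost) for two transactions wanting one lock."""
    urgent = max(t1, t2, key=lambda t: t.priority)
    low = min(t1, t2, key=lambda t: t.level)
    if t1.level == t2.level or urgent is low:
        return urgent.name, "none"            # both requirements agree
    if violation_tolerated(policy, t1.level, t2.level):
        return urgent.name, "potential covert channel"
    return low.name, "priority inversion"

def tolerated_pairs(policy):
    """Number of level pairs between which a violation is tolerated."""
    return sum(violation_tolerated(policy, a, b)
               for a, b in combinations(range(5), 2))

if __name__ == "__main__":
    t1, t2 = Txn("T1", priority=9, level=4), Txn("T2", priority=1, level=1)
    for policy in POLICIES:
        print(f"{policy:24} {resolve_lock(policy, t1, t2)} "
              f"tolerated pairs: {tolerated_pairs(policy)}")
```

Under this model the number of tolerated level pairs rises strictly in the order the slide lists the policies, which is one way to read the strict ordering of trade-off capacities.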

38 Simulation Results

39 Flexible Security in BeeHive System
Four available security levels on users/objects or communications computation costs increase with level of security Client negotiated range of security levels for transaction communications Dynamic level changes as a function of real-time load

40 Security Manager Services
Multi-level authentication and confidentiality encryption Client authorization and session control Session key generation and management Transaction management Dynamic security level control for transaction communications and synchronization

41 Security Manager Environment
[Diagram: Security Manager environment. Legend: data flow, execution control. Labels: Client Table (client security level & key), Session Table (session keys & status), Mapper/Admission Control, session & transaction requests, transaction handoff, Security Manager, Scheduler, transaction object & session data, DB, TransData, transaction results, object read & write, thread n, thread n-1, BeeHive]

42 Impact of Difference in Message Size

43 Adaptive vs. Non-Adaptive

44 Level Switching (100% adaptive client)
[Figure: % made, with level switching among levels 1, 2 and 3]

45 Discussions Good performance gains achievable in soft real-time system during overload conditions Reasonable performance with small message sizes with I/O overhead Flexibility using adaptive security policies is effective and useful in practical systems

46 Improved Security using RT Semantics
Exploiting real-time properties for improved security
timely detection of security violation is essential
critical in real-time secure applications
Example: Intrusion detection using time signature
temporal data need to be refreshed/updated periodically
refresh rate can be chosen between some min and max rate
typically a single rate is chosen and fixed, while new rate within the min-max window can be reassigned after some interval for improved security
time semantics should be unknown to intruder

47 Intrusion Detection using RT Semantics
Idea of embedding security rules into data objects
Rules are used to specify constraints
define correct states of data objects and inter-object relationships
actions to be taken on certain events
violation of security constraints can be detected (ECA rule)
update request on a sensitive temporal data object (event)
triggers a rule to check right update time using periodic update rate (condition)
reports suspicious update request (action)

48 Normal and Suspicious Activities
Establishing normal behavior is necessary to detect intrusion
Ability to distinguish normal from suspicious depends on the range of fluctuations of “normal” behavior
Key parameter is acceptable tolerance in deviation from normal
false alarms (false positives) increase with low tolerance
missed detections (false negatives) increase with high tolerance
Issue: identify time semantics that are effective even with varying system workload (and which ones are not effective)
certain artificial time semantics can be associated with sensitive data for intrusion detection purpose (e.g., both time and duration of access)
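
The ECA rule of slide 47 and the tolerance trade-off of slide 48, as an added example that is not code from the presentation or from BeeHive. The class `TimeSignatureRule`, the slot-based deviation check, the 5 to 15 period window and the trace are all constructed assumptions; the trace labels stand in for ground truth so false alarms and missed detections can be counted.

```python
from dataclasses import dataclass, field

@dataclass
class TimeSignatureRule:
    """ECA rule embedded in one sensitive temporal data object."""
    period: float                 # assigned update period (kept secret)
    tolerance: float              # accepted deviation from a scheduled slot
    min_period: float = 5.0       # assumed bounds of the min-max window
    max_period: float = 15.0
    epoch: float = 0.0            # time the current period took effect
    reports: list = field(default_factory=list)

    def reassign(self, now, new_period):
        """Pick a new period inside the min-max window."""
        if not self.min_period <= new_period <= self.max_period:
            raise ValueError("period outside the min-max window")
        self.epoch, self.period = now, new_period

    def on_update(self, t, source):
        # Event: an update request arrives at time t.
        offset = (t - self.epoch) % self.period
        deviation = min(offset, self.period - offset)
        # Condition: is t close enough to a scheduled update slot?
        if deviation > self.tolerance:
            self.reports.append((t, source))   # Action: report as suspicious
            return False
        return True

# Constructed trace: (arrival time, source, ground truth "is intrusion").
TRACE = [
    (10.1, "sensor", False), (20.0, "sensor", False),
    (24.0, "intruder", True),            # far from any slot
    (30.4, "sensor", False),
    (41.6, "sensor", False),             # late because of overload
    (49.0, "intruder", True),            # lands near a slot by chance
    (50.2, "sensor", False),
]

def evaluate(tolerance):
    """Return (false_positives, false_negatives) over TRACE with period 10."""
    rule = TimeSignatureRule(period=10.0, tolerance=tolerance)
    fp = fn = 0
    for t, source, is_intrusion in TRACE:
        accepted = rule.on_update(t, source)
        fp += int(not accepted and not is_intrusion)
        fn += int(accepted and is_intrusion)
    return fp, fn

def stale_schedule_is_flagged(tolerance=2.0):
    """After reassignment, an update timed to the old period is reported."""
    rule = TimeSignatureRule(period=10.0, tolerance=tolerance)
    rule.reassign(now=60.0, new_period=7.0)
    sensor_ok = rule.on_update(67.1, "sensor")        # follows the new period
    old_timing_ok = rule.on_update(70.0, "intruder")  # follows the old period
    return sensor_ok and not old_timing_ok
```

With a tolerance of 0.5 the overloaded sensor update is a false alarm; with 2.0 it passes, but so does the update that happens to land near a slot.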

49 Reflection Methodology
Identify the reflective information (semantics) Retain the information to be accessible for analysis Perform security checks and analysis Retain the information at runtime (flexibility) Expose the information to the security management code

50 Reflection - Example
[Figure: a non-reflective PCB beside a reflective PCB. Labels: registers, ptr to stack (twice), priority (twice), deadline, "What it takes to execute!", security info, time semantics]

51 Reflection in Real-Time Systems
Enhances visibility of information between levels (off-line to on-line)
semantic information (real-time, FT, security ..)
individual module and system-wide policies
Simple Examples
[Figure: labels 1, 2, 3, "vs FT", "3 exec." and three nodes]
T1 = P1; T2 = P2; T3 = P3; System does not know they are related
Lost information

52 Data Services in Sensor Networks
Recent advances in low-cost low-power devices large scale sensor networks (ad hoc mobile networks) each node consists of sensors/actuators/processors Key issues in data services how to collect and disseminate real-time data QoS management under resource constraints how to conserve energy while satisfying application requirements real-time constraints and security requirements

53 Summary Most current real-time systems technology is based on
predictable operating environments, known workload, WCET, wired networks, highly reliable nodes, no other conflicting requirements (e.g., power, security, FT, ..) Trends soft RT, unpredictable environments, multidimensional requirements, QoS, security, embedded and wireless, simple and unreliable nodes, aggregate behavior control, power management, ... New set of solutions needed QoS in real-time data services real-time secure data services – reflective approach data services in sensor networks

54 Recent Papers
V. Lee, K. Lam, S. H. Son, and E. Chan, "On the Transaction Processing with Partial Validation and Timestamps Ordering in Mobile Broadcast Environments," IEEE Transactions on Computers, vol. 51, no. 10, Oct
C. Park, S. Park, and S. H. Son, "Multi-version Locking Protocol with Freezing for Secure Real-Time Database Systems," IEEE Transactions on Knowledge and Data Engineering, vol. 14, no. 5, pp , Sept/Oct 2002.
A. Datta and S. H. Son, "A Study of Concurrency Control in Real-Time Active Database Systems," IEEE Transactions on Knowledge and Data Engineering, vol. 14, no. 3, pp , June 2002.
S. H. Son, R. Mukkamala, and R. David, "Integrating Security and Real-Time Requirements using Covert Channel Capacity," IEEE Transactions on Knowledge and Data Engineering, vol. 12, no. 6, pp , Dec

55 Recent Papers (cont’d)
Lee, V., Stankovic, J., and Son, S.H., "Intrusion Detection in Real-Time Databases using Time Signatures", IEEE Real-Time Technology and Applications Symposium, Washington, DC, June 2000.
Son, S.H., Zimmermann, R., and Hansson, J., "An Adaptable Security Manager for Real-Time Transactions", Euromicro Conference on Real-Time Systems, Stockholm, Sweden, June 2000.
A. Datta, S. H. Son, and V. Kumar, "Is a Bird in Hand Worth More than Two in the Bush? Limitations of Priority Cognizance in Conflict Resolution for Firm Real Time Database Systems," IEEE Transactions on Computers, vol. 49, no. 5, pp , May 2000.
S. H. Son, "Issues and Approaches to Supporting Timeliness and Security in Real-Time Database Systems," Journal of Systems Architecture, vol. 46, no. 4, pp , Feb
Son, S.H., Chaney, C., and Thomlinson, N., "Partial Security Policies to Support Timeliness in Secure Real-Time Databases", IEEE Symposium on Security and Privacy, Oakland, California, May 1998.

56 Recent Papers (cont’d)
J. Stankovic, S. H. Son, and J. Hansson, "Misconceptions About Real-Time Databases", IEEE Computer, June 1999.
J. Stankovic and S. H. Son, "An Architecture and Object Model for Distributed Object-Oriented Real-Time Databases", Journal on Computer Systems Science and Engineering, 14(4), July 1999.
J. Stankovic, S. H. Son, and C. Nguyen, "The Cogency Monitor: An External Interface Architecture for a Distributed Object-Oriented Real-Time Database System", IEEE Real-Time Technology and Applications Symposium, Denver, Colorado, June 1998.
S. H. Son, R. David, and C. Chaney, "Design and Analysis of an Adaptive Policy for Secure Real-Time Locking Protocol," Journal of Information Sciences, vol. 99, no. 1-2, pp , June 1997.
K. Kang, S. H. Son, and J. Stankovic, "STAR: Secure Real-Time Transaction Processing with Timeliness Guarantees," 23rd IEEE Real-Time Systems Symposium (RTSS'02), Austin, TX, Dec

57 A Proof Wondering why not many PhD’s among the rich?
1. Knowledge is Power: Knowledge = Power 2. Time is Money: Time = Money 3. Power is the rate at which work is done: Power = Work / Time 4. Substituting Knowledge & Money for Power & Time: Knowledge = Work / Money 5. Solving for Money: Money = Work / Knowledge Money approaches infinity as Knowledge approaches zero, regardless of the Work done. Proven: The less you know, the more you make. Quod Erat Demonstrandum

